Terms of Service

Last Updated: October 17, 2025

1. Introduction and Acceptance

Welcome to Kolega.Dev, operated by KLG Tech Innovations Limited ("Kolega," "we," "us"). These Terms of Service ("Terms") govern your use of our autonomous security remediation platform and services at kolega.dev (the "Service").

This policy applies to individual users of our Service for the Free and Pro tiers. By creating an account, accessing our platform, or using our Service, you agree to these Terms, our Privacy Policy (kolega.dev/privacy-policy), our Copyright Notice (kolega.dev/copyright-notice), and all applicable laws. If you're using our Service for an organisation, you represent that you have authority to bind that organisation to these Terms.

2. Service Description

Kolega.Dev is an autonomous security remediation platform that connects to your GitHub repositories via a GitHub App. The Service detects vulnerabilities through traditional and AI-powered scans, generates context-aware fixes, tests them in isolated environments, and creates production-ready pull requests automatically. Our Service includes code scanning (SAST, SCA, Secret Detection), AI-powered deep analysis, automated remediation generation, and integrations with development tools such as GitHub and Jira.

3. Eligibility

You must be at least 18 years old to use our Service. By registering, you confirm that:

  • You meet the age requirement
  • You haven't been previously banned from our Service
  • Your use complies with all applicable laws
  • You have authority to accept these Terms

4. Account Registration and Security

To access our Service, you must create an account using GitHub OAuth authentication with accurate, complete information. You're responsible for:

  • Maintaining current account information
  • Protecting your login credentials and GitHub access tokens
  • All activities under your account
  • Notifying us immediately of unauthorised access at contact@kolega.ai

5. Subscription Plans and Pricing

5.1 Service Tiers

We offer the following subscription plans:

Free ($0/month):

1 user, 0 PRs for private repositories, scheduled scanning only with 20 SAST scans/month and 4 deep scans/month. Includes limited core features: issue context and estimated time, and ticket integration.

Pro ($99/month):

1 user, 4 PRs/month for private repositories, scheduled scanning only with 20 SAST scans/month and 4 deep scans/month, noise reduction. Includes all core features with fixed limits.

Team ($499/month):

5 users, 25 PRs/month for private repositories, on-demand and triggered scanning with 20 SAST scans/month and 8 deep scans/month, noise reduction, flexible top-ups for scans and PRs. Includes all core features plus action audit and logging.

Enterprise (Custom pricing):

Custom users, custom PRs for all repositories, custom/continuous scanning frequency with custom scan allowances. Includes all core features plus enterprise features: action audit and logging, self-hosted runners, SSO/SAML authentication, automated vulnerability exploitation testing, and comprehensive compliance readiness (SOC2, ISO, HIPAA, GDPR, CCPA, PCI, Bespoke).

Additional scan and PR credits are available as top-up options for Team tier subscribers. Top-up credits allow you to extend your usage beyond the included monthly allowances.

5.2 Pricing and Currency

All fees are displayed in USD and are non-refundable except where required by law. Prices may be shown in other currencies based on your location at current exchange rates.

5.3 Payment Terms

  • Monthly subscriptions auto-renew unless cancelled before the renewal date
  • Payment processing is handled by CityPay
  • You authorise us to charge your payment method for all applicable fees
  • Unpaid accounts may be suspended or terminated

5.4 Usage Limits

  • Subscriptions provide platform access, features, and monthly PR allowances
  • PR limits for private repositories reset monthly based on your billing cycle
  • Unused PRs do not roll over to the following month

5.5 Upgrades and Overages

If you exceed your monthly PR limits for private repositories, you may upgrade to a higher tier to continue generating pull requests. Team tier subscribers can purchase top-up credits for additional scans and PRs. Enterprise customers may contact us for custom usage arrangements.

6. Acceptable Use Policy

6.1 Prohibited Activities

You agree not to:

  • Infringe intellectual property rights
  • Violate any laws or regulations
  • Harass, threaten, or harm others
  • Distribute malware or harmful code
  • Attempt unauthorised access to systems
  • Scrape or extract data from our Service
  • Interfere with Service operations
  • Use the Service to develop competing products
  • Submit sensitive regulated data (HIPAA, PCI-DSS, etc.)
  • Use the Service to scan repositories you do not have authorisation to access
  • Abuse the remediation features to generate code for purposes other than security fixes
  • Impersonate others or misrepresent affiliations

6.2 Content Standards

All code and content you submit for scanning must comply with applicable laws and must not contain material that is offensive, discriminatory, or harmful.

6.3 Enforcement

Violations may result in warnings, suspension, or permanent termination at our discretion.

7. Intellectual Property Rights

7.1 Our Property

The Service, including its design, features, and technology, remains our exclusive property. No rights are granted except those explicitly stated in these Terms.

7.2 Your Content

  • You retain ownership of code you provide for scanning ("Input")
  • You own the remediation patches and fixes Kolega.Dev generates for you ("Output")
  • You grant us a limited licence to process your Input solely to provide the Service
  • Similar Outputs may be generated for other users with similar vulnerabilities

7.3 No Training Use

We do not use your Input or Output to train AI models.

8. Beta Features

We may offer trial or beta features that are provided "AS IS" without warranties. These may be modified or discontinued at any time. Your use of beta features constitutes acceptance of these conditions.

9. Third-Party Services

Our Service integrates with third-party platforms including GitHub for repository access and pull request creation, Jira for ticket management, and AI providers (Anthropic and OpenAI) for code analysis and fix generation. Your use of these integrations is subject to their respective terms. We're not responsible for third-party services' functionality or data practices.

10. Privacy and Data Protection

Our Privacy Policy explains how we collect and use your information. Key points include:

  • We process data only to provide our Service
  • Code is accessed temporarily for scanning and discarded after processing
  • We implement industry-standard security measures
  • Your data is not used for AI training

11. Service Modifications

We may modify, suspend, or discontinue Service features at any time. While we strive for reliability, we cannot guarantee uninterrupted access. You should maintain your own backups of important code and configurations.

12. Indemnification

You agree to defend and indemnify Kolega and its affiliates from any claims arising from:

  • Your use of the Service
  • Violations of these Terms
  • Infringement of third-party rights
  • Disputes with other parties

13. Disclaimers

THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. WE DISCLAIM ALL IMPLIED WARRANTIES INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. GENERATED REMEDIATIONS AND FIXES MAY CONTAIN ERRORS AND SHOULD BE REVIEWED BEFORE MERGING TO PRODUCTION. KOLEGA.DEV DOES NOT GUARANTEE THAT ALL VULNERABILITIES WILL BE DETECTED OR THAT ALL FIXES WILL BE CORRECT.

14. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

  • We exclude liability for indirect, consequential, or punitive damages
  • Our total liability is limited to fees paid in the 12 months before the claim or €100, whichever is greater
  • These limitations are fundamental to our Service offering

15. Termination

15.1 Termination Rights

  • You may stop using our Service at any time
  • We may terminate accounts for violations or at our discretion
  • Termination doesn't relieve payment obligations

15.2 Effect of Termination

Upon termination:

  • Your access ends immediately
  • Outstanding fees remain due
  • You may lose access to scan results and remediation history
  • Certain Terms survive (intellectual property, indemnification, limitations)

16. Dispute Resolution

16.1 Governing Law

These Terms are governed by UK law. The courts of the United Kingdom have exclusive jurisdiction.

16.2 Dispute Process

We encourage resolving disputes through direct communication. Contact us at contact@kolega.ai to address concerns before pursuing formal proceedings.

17. General Provisions

17.1 Complete Agreement

These Terms and referenced policies constitute our entire agreement.

17.2 Updates

We may update these Terms with 30 days' notice for material changes. Continued use constitutes acceptance.

17.3 Assignment

You may not transfer these Terms. We may assign our rights and obligations.

17.4 Electronic Communications

You consent to receive electronic communications which satisfy legal writing requirements.

18. Contact Information

KLG Tech Innovations Limited

Val Verclut, La Route des Cotils

Grouville, JE3 9AP, Jersey

Email: contact@kolega.ai

19. Additional Provisions

19.1 Export Compliance

The Service may be subject to export controls. You agree to comply with applicable trade regulations.

19.2 Force Majeure

Neither party is liable for delays due to circumstances beyond reasonable control.

19.3 Questions and Contact

All users may contact us with questions about these Terms or our Service using the contact information provided above.

19.4 Support

We provide support at our discretion according to published policies.

© 2025 Kolega.Dev. All rights reserved.